THUNDERSTONE NEWS

December 2002 - Archive

CONTENTS

• Happy Holidays
• Webinator Security Patch
• SSL/HTTPS Support now Standard
• Customer Spotlight: nMatrix Inc.
• Subscription/Unsubscription and Contacts

The entire Thunderstone Software team wishes you all the best this holiday season. To enable our staff to spend the holidays with their families the Thunderstone offices will be closed on December 24th, and reopen January 2nd, 2003. During that period we will be monitoring voice mail, email and web messages, so if you have any questions please leave us a message.

All versions of the the Webinator 4 search script released before December 19, 2002 contain a cross-site scripting vulnerability. Affected versions are 4.0 through through 4.0.6 and 4.1 through 4.2.3.

If you have written your own <putmsg> function in Vortex you should check that you do not use <send> or <fmt %s> on the error message.

Versions 4.0.7 and 4.2.4 released December 19, 2002 fix the problem. Or you may apply the simple fix yourself.

For details see http://www.thunderstone.com/texis/site/pages/webinator4_cspatch.html

If you have downloaded a copy of Webinator in the past few months you may be seeing a message indicating that the free trial period for the HTTPS feature will end soon. You can safely ignore that message, as we have made HTTPS a standard feature in all versions of Webinator. You can download the latest versions of the Webinator scripts to remove the message.

Litigation is a booming business in the United States. That's not good news to some, but it creates interesting technology challenges. Larger and more complex lawsuits entail larger and more complex document management needs.

Some of the largest U.S. law firms, such as Skadden Arps, rely on Texis to search and manage legal documents through an application developed by Thunderstone integrator nMatrix Inc. The specialty of nMatrix is managing the "discovery" phase of U.S. legal proceedings.